<%@ page language="java" contentType="text/html; charset=utf-8"
    pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>注册页面</title>
</head>
<body>
<%
String msg = request.getParameter("msg");
if(msg==null){
	msg = "";
}
%>
登录	sql注入点：输入：'test1_u1' --  任意一个密码就可以登录<br /><br />
<form action="submit" method="post"><%=msg %>
		用户名：<input type="text" name="username" value="demo"  />
		密码：<input type="text" name="password" value="demo"  />
		<input type="submit" value="提交" />
</form>
</body>
</body>
</html>
